CVE-2025-4723 – iSourcecode Placement Management System SQL Injection Vulnerability

May 15, 2025

CVE ID : CVE-2025-4723

Published : May 15, 2025, 10:15 p.m. | 2 hours, 42 minutes ago

Description : A vulnerability classified as critical was found in itsourcecode Placement Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /all_student.php. The manipulation of the argument delete leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4724 – iSourcecode Placement Management System SQL Injection Vulnerability

Next Article CVE-2025-47287 – Tornado Multipart Form Data Denial of Service Vulnerability

Highlights

CVE-2025-3862 – Contest Gallery WordPress Stored Cross-Site Scripting Vulnerability

May 8, 2025

CVE ID : CVE-2025-3862

Published : May 8, 2025, 12:15 p.m. | 3 hours, 22 minutes ago

Description : Contest Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 26.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

This week in AI dev tools: Gemini API Batch Mode, Amazon SageMaker AI updates, and more (July 11, 2025)

JFrog finds MCP-related vulnerability, highlighting need for stronger focus on security in MCP ecosystem

8 Key Questions Every CEO Should Ask Before Hiring a Node.js Development Company in 2025

Vibe Loop: AI-native reliability engineering for the real world

DistroWatch Weekly, Issue 1130

Distribution Release: GParted Live 1.7.0-8

Distribution Release: CachyOS 250713

Most AI projects are abandoned – 5 ways to ensure your data efforts succeed

The details of TC39’s last meeting

The details of TC39’s last meeting

new Date(“wtf”) – How well do you know JavaScript’s Date class?

Francisco Bergeret Paves the Way Through Strong Leadership at Perficient

DistroWatch Weekly, Issue 1130

DistroWatch Weekly, Issue 1130

Distribution Release: GParted Live 1.7.0-8

Distribution Release: CachyOS 250713

CVE-2025-4723 – iSourcecode Placement Management System SQL Injection Vulnerability

Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials

Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

CVE-2025-7548 – Tenda FH1201 Stack-Based Buffer Overflow Vulnerability

APPLE-SA-04-16-2025-3 tvOS 18.4.1

Optimize query responses with user feedback using Amazon Bedrock embedding and few-shot prompting

CVE-2025-6619 – TOTOLINK CA300-PoE Command Injection Vulnerability

CVE-2025-3862 – Contest Gallery WordPress Stored Cross-Site Scripting Vulnerability

Can’t Find a Tax Accountant? Here’s Why and What To Do Next

Microsoft doc says recycle Windows 10 PCs if they can’t upgrade to Windows 11

Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States

CVE-2025-4723 – iSourcecode Placement Management System SQL Injection Vulnerability

Related Posts